Consequently, “by analyzing these data points, the IT security specialists were further able to infer metadata such as the user’s device operating system, the age of the account, and the number of linked secondary devices (e.g., WhatsApp Web),” said the researchers.
What use might an attacker make of such information? “Knowing whether a specific (mobile) phone number is linked to a messaging app is highly sensitive, especially when that number is tied to a known individual. In regions where certain messaging apps are banned (for example, in China or Myanmar), such information could carry serious consequences.”
In addition, being able to confirm that a mobile number is in active use could make it a target for spam, phishing, and robocalling. The researchers even discovered that 58% of the 530 million phone numbers leaked during the 2021 Facebook hack remain active on WhatsApp.
